Several cyber-crime cases dismantled by Romanian police in cooperation with international law enforcement show that the Eastern European country is still a hub for cyber-related crime.
Police arrested 20 suspects, nine in Romania and 11 in Italy, after a two-year investigation.
The organised crime group was essentially comprised of Italian nationals used phishing emails impersonating tax authorities to harvest the online banking credentials of their victims and then transferring the money to Romania.
The money was withdrawn from ATMs in Romania with credit or debit cards linked to the criminal accounts. Europol said they are also suspected of money laundering, drug and human trafficking, prostitution and of participation in a criminal organisation.
A wave of high-profile cyber-crime cases, including an unemployed Romanian taxi driver who called himself “Guccifer” and hacked the emails of former US Secretary of State Colin Powell and former President George W Bush in 2011, have also put a spotlight on the dark side of Romania’s growing IT industry.
After the US Embassy said that in 2011 alone Romanian hackers stole 1 billion dollars from Americans, US law enforcement authorities have in recent years kept in close contact with cybercrime units in Bucharest.
A Romanian national, Nicolae Popescu, is the second most wanted on the FBI’s cybercrime list, with a 1-million-dollar reward for his arrest.
He escaped arrest in 2010, before the Romanian police could produce a warrant. Popescu was involved with an estimated 250 Romanians in the “Valley of the Kings” case, the country’s biggest cybercrime bust; the perpetrators allegedly stole 750.000 euros by faking auctions on e-Bay.
The FBI put Popescu on the wanted list in 2012 after he allegedly set up a similar scheme that has sold numerous Americans fake items on various websites.
In February 2017, Romania’s Court of Appeal decided to extradite two Romanians to the US who had allegedly hacked into 123 Washington Police Department outdoor surveillance cameras just before US President Donald Trump’s inauguration. They demanded ransom money to unlock the blocked computers.
Mihail Isvanca, 25, and Eveline Cismaru, 28, were arrested in December 2017. They have been charged by a US Federal court with fraud and computer crimes.
The case was given high priority as the two Romanians’ actions impacted the US Secret Service’s mission and may have affected the security plan for the President’s inauguration.
Also, in December 2017, police in Romania arrested five suspects for allegedly spreading ransomware and renting the malware from an outfit on the Dark Web.
According to Europol, Romanian police have worked with Dutch counterparts and public prosecutor’s offices, as well as with law enforcement agencies in the UK and the US.
Europol says that in early 2017, the Dutch High Tech Crime Unit tipped off Romanian authorities about a group of Romanian nationals who were behind a wave of spam that pretended to originate from well-known companies in countries such as Italy, the Netherlands and the UK.
Europol says the operation identified more than 170 victims from several European countries.
With the fifth fastest internet speed in the world, Romania is one of the EU countries most vulnerable to cybercrime, according to studies.
In September 2017 it ranked third, after Malta and Greece in a vulnerability index published by Website Builder Expert, WBE.
However, Romanian authorities have developed cyber-crime fighting units that have been cooperating well in international cases.
Romanian police cooperated in a Europol led case to break up a a cybercrime syndicate of Ukrainian and Russian nationals that allegedly stole more than 1 billion euros from bank accounts over five years.
Since 2014, Romania has also led a NATO cybercrime defence unit that counters cyber attacks from Russia in Ukraine.